California SB-1159: On 9/17/2020 California enacted SB-1159 which imposes certain reporting requirements on California employers. Effective immediately, California employers are required to report positive COVID-19 tests to their workers compensation claim administrator, whether there is an allegation the COVID-19 exposure is related to work or not. Additional information on California SB-1159 can be found here.

3 Types of Cyberattacks

Topics: Cyber Liability

Cyberattacks against small businesses have become more aggressive since the beginning of the COVID-19 outbreak and are increasingly difficult to detect. The following real-world examples will help guide you in how to identify an attack and avoid becoming a victim.

Phishing Scams

Phishing is a type of social engineering scam that attempts to fraudulently obtain sensitive information using email.

What does a phising attack look like?

An email appears to be coming from someone you typically do business with. Although it seems legitimate, you need to be extremely vigilant. If the message format is different in any way or includes red flags like poor grammar, syntax errors, broken links, etc., this could be an indicator of a phishing email. It may be written with a sense of urgency, or include a warning that your “account will be closed” or your “access will be limited.” These are both telltale signs of a targeted scam.

What should you do after a phising attack?

Find the contact’s direct phone number via their website to verify email information, especially if it involves a financial transaction or confidential data. Do not use the phone number in the email, as it may also be fraudulent.

phishing scams email subject lines

Smishing Scams

Smishing is a type of phishing attack using texting via short message services (SMS) on cell phones.

What does a smishing attack look like?

You’ll receive a call or text from someone claiming they are support technicians from a company such as Microsoft or Apple, offering to assist with a technical issue you are having. They will attempt to coax you into visiting a website so they “can take care of the problem for you.” You’ll be sent a link to download a file, which will contain malware such as a Trojan or ransomware. They may also ask you to visit a website that is designed to gain access to your computer or device using online collaboration tools similar to WebEx, Microsoft Teams, Slack, Zoom or GoToMeeting.

What should you do after a smishing attack?

Hang up and call your company’s help desk number. Only allow help desk employees to assist with your computer or mobile device problem.

Vishing Scams

Vishing is another type of phishing attack that is carried out by phone and often targets users of Voice over Internet Protocol (VoIP) services like Skype.

What does a vishing attack look like?

An email will appear in your inbox that may seem real, with company logos, links and branding, and suggests you click a link to approve something such as a financial transaction. The link will then take you to a page that appears to be the company’s website. You’ll be asked to enter your credentials; this information will be harvested and used by the attacker to gain access to your account or your company’s system.

What should you do after a vishing attack?

If the email looks suspicious in any way, even if the email comes from someone you know, be sure to:
  • Contact your IT/security department, if you have one
  • Contact the sender via phone call to confirm that he or she sent the message
  • Avoid clicking links or attachments appearing in the email

If you receive what appears to be a cyberattack, there are two things you should do: report it and delete it. Alerting your company’s IT security staff of any fraudulent activities can help prevent other employees or business partners from falling victim to the same attack.

Cyber Liability Coverage from AmTrust

AmTrust specializes in providing insurance solutions for small businesses across a wide variety of industries. We can offer you protection with our Cyber Liability coverage to help protect your company from a range of cyberattacks. We are committed to evolving our coverage as new threats emerge for our customers.

Visit AmTrust's dedicated page on coronavirus information, where you'll find details on what we are doing to assist small businesses as the country reopens. Also, find loss control videos and training material, links to additional resources and our coronavirus resource center. For more information on our small business insurance solutions, please contact us today.

Time Zones